Hacker And The Fed

This podcast covers interesting topics like the Equifax breach, the potential vulnerability of Google Authenticator, an iPhone exploit chain, and the arrest of a Department of State IT contractor on espionage charges. They also discuss the excitement of breaching a system, hacker motivations, asset management in cybersecurity, segmentation and risk assessment in online services, and the importance of following rules and not engaging in illegal activities.

This week on Hacker And The Fed we answer listener questions about finding out our relative is a hacker, applying for a cyber security job as a chemical engineer, preparing you for a technical interview, the FBI being a great place to work, is MFA once every 24 hours too much, and much more.Get your Hacker and the Fed merchandise at hackerandthefed.comSend HATF your questions at questions@hackerandthefed.com

Iran and North Korea hacking crews target security researchers, US Departments of State and Commerce compromised due to a Windows crash report, victories over Russian hackers, your car may have sensitive information about your sex life, Swiss insurer fined $3M for cyber security flaws

Chris, former FBI agent, discusses the FBI's Operation 'Duck Hunt' takedown, hackers' secret weapon for doxing, NYC subway's online tracking, leaving the FBI, cybersecurity job opportunities, and red teaming vs pen testing.

Topics covered in the podcast include a Danish cloud provider losing customer data, a hacker using a fire stick to continue hacking, a zero day vulnerability exploited by cybercriminals, HTML smuggling leading to domain-wide ransomware, the cybersecurity hiring gap and qualifications for entry-level positions, and the transition of active hackers to becoming white hats.

Andrew Morris, founder and CEO of GreyNoise, discusses internet honeypots and entering the cybersecurity industry. They talk about the value of analyzing data from honeypots, the role of GreyNoise in identifying security threats, and the importance of reporting software vulnerabilities.

This week on Hacker And The Fed Zoom wanted to use your calls to train artificial intelligence, the NSA and DARPA are presenting challenges to the cyber security community, and we answer listener questions from a US military chaplain about justice, a former black hat about a career in cyber security, and even a hacker who used a compromised email account to ask us how to stop hacking.Links from the episode:Zoom walks back controversial privacy policyhttps://www.thestreet.com/technology/zooms-latest-move-may-make-you-reconsider-using-the-service Microsoft Exposes Russian Hackers' Sneaky Phishing Tactics via Microsoft Teams Chatshttps://thehackernews.com/2023/08/microsoft-exposes-russian-hackers.html Hackers to compete for nearly $20 million in prizes by using A.I. for cybersecurity, Biden administration announceshttps://www.cnbc.com/2023/08/09/biden-admin-launches-hacking-challenge-to-use-ai-for-cybersecurity.htmlhttps://aicyberchallenge.com/rules/ NSA: Codebreaker Challenge Helps Drive Cybersecurity Educationhttps://www.darkreading.com/attacks-breaches/nsa-talks-codebreaker-challenge-success-influence-on-education Lil Tay Meta Helped Get Account Back from Hackerhttps://www.tmz.com/2023/08/12/lil-tay-dead-dies-hacker-meta-instagram-hacked-account-hoax/ CISCO Launches a FREE 120-Hour Ethical Hacking Traininghttps://cursin.net/en/cisco-launches-a-free-120-hour-ethical-hacking-training/ Support our sponsor:Go to JoinDeleteMe.com/FED code FED20 for 20% off all consumer plans Get your Hacker and the Fed merchandise at hackerandthefed.com

US hunts Chinese malware, year in review of zero-day exploits, study finds no evidence of cyber insurance payment trends, Tenable CEO accuses Microsoft of negligence, listener questions from Greece, Holland, and a new NSA hacker

This week on Hacker And The Fed what authentication attacks might look like in a phishing resistant future, the SEC now requires companies to disclose cyber attacks, there are many more US government domains in the .com world than you might think, and other news stories from this week in cyber security.Links from the episode:What might authentication attacks look like in a phishing-resistant future?https://blog.talosintelligence.com/what-might-authentication-attacks-look-like-in-a-phishing-resistant-future/The Messaging Layer Security (MLS) Protocolhttps://datatracker.ietf.org/doc/html/rfc9420List of public government managed domains that exist outside of the top-level .gov and .mil domainshttps://github.com/GSA/govt-urls/blob/main/1_govt_urls_full.csvTop level domain operator wants out of the businesshttps://domainnamewire.com/2023/07/26/top-level-domain-operator-wants-out-of-the-business/Network giants unite to fight security riskshttps://www.networkworld.com/article/3703233/network-giants-unite-to-fight-security-risks.htmlCybersecurity Agencies Warn Against IDOR Bugs Exploited for Data Breacheshttps://thehackernews.com/2023/07/cybersecurity-agencies-warn-against.htmlNorwegian government IT systems hacked using zero-day flawhttps://www.bleepingcomputer.com/news/security/norwegian-government-it-systems-hacked-using-zero-day-flaw/https://www.dss.dep.no/aktuelle-saker/departementer-utsatt-for-dataangrep/https://www.wsj.com/articles/critical-infrastructure-companies-warned-to-watch-for-ongoing-cyberattack-76508d83Satellites Are Rife With Basic Security Flawshttps://www.wired.com/story/satellites-basic-security-flaws/ Support our sponsors:Go to hellofresh.com/50hatf code 50hatf for 50% off plus free shippingGet your Hacker and the Fed merchandise at hackerandthefed.comGet your Hacker and the Fed merchandise at hackerandthefed.com

This week on Hacker And The Fed new cyber security labels proposed by the US government could help us buy our new devices, an employee exposes thousands of intelligence and defense employees, Google may be restricting internet access to some employees to reduce their cyber attack risk, a hacker infects his own computer, and Google says an Apple employee found a zero-day but didn't report it, and we answer listener questions about our phones getting searched and email encryption.Links from the episode: White House teams with Amazon, Google and Qualcomm on cybersecurity labels for gadgetshttps://www.cnbc.com/2023/07/18/us-cyber-trust-labels-will-help-consumers-pick-safer-smart-devices.html Google exposes intelligence and defense employee names in VirusTotal leakhttps://therecord.media/virustotal-user-email-addresses-leaked-google-military-intelligence Google restricting internet access to some employees to reduce cyberattack riskhttps://www.cnbc.com/2023/07/18/google-restricting-internet-access-to-some-employees-for-security.html Black Hat Hacker Exposes Real Identity After Infecting Own Computer With Malwarehttps://www.securityweek.com/black-hat-hacker-exposes-real-identity-after-infecting-own-computer-with-malware/ IT Security Analyst Jailed for Impersonating as a Hacker in Own Companyhttps://cybersecuritynews.com/it-security-analyst-jailed/ Google says Apple employee found a zero-day but did not report ithttps://techcrunch.com/2023/07/20/google-says-apple-employee-found-a-zero-day-but-did-not-report-it/https://news.ycombinator.com/item?id=36803537 Microsoft Cybersecurity Analyst Professional Certificatehttps://www.coursera.org/professional-certificates/microsoft-cybersecurity-analyst Cybersecurity Expert Kevin David Mitnick diedhttps://www.dignitymemorial.com/obituaries/las-vegas-nv/kevin-mitnick-11371668 Listener Questions:https://www.theverge.com/2021/8/18/22630439/apple-csam-neuralhash-collision-vulnerability-flaw-cryptography Support our sponsors:Go to JoinDeleteMe.com/FED and use the code FED20 for 20% offGo to drata.com/partner/hacker-fed and get 10% off Drata and waived implementation fees Get your Hacker and the Fed merchandise at hackerandthefed.com